Class AuthenticationController
- All Implemented Interfaces:
org.springframework.beans.factory.Aware
,org.springframework.web.context.ServletContextAware
- Direct Known Subclasses:
WebPlatformController
public class AuthenticationController extends ControllerBase
Controller, which serves authentication process. Process itself consists of these methods:
setRedirectUrl
- sets redirect URL, where to redirect user after successful authentication, if not set configuration valueloggedInPage
is respectedauthenticate
- starts authentication process, respects configuration valuesusePersonalFactor
anduseComfortFactor
proxy
- asks for authentication process statusauthenticateCheck
- checks authentication result, there are these substeps:getResultNoLFCheck
- evaluates authentication result without local factor success checkbuildPrincipal
- builds ADUCID principal from authentication responsecheckPersonalFactor
- checks personal factor value, respects configuration valuesusePersonalFactor
andcheckPersonalFactor
checkProofing
- checks proofing status, respects configuration valuescheckProofing
andcheckNotApproved
After successful login, there are authentication data saved in HTTP session as predefined principal
attribute. You can use
getPrincipal
method to access that authentication data. At the end of work, you can destroy web session using one
of these methods:
logout
- starts user logout, respects configuration valueslogoutPage
invalidate
- invalidates web session
Created 27. 1. 2017 10:36:17
- Author:
- Radek Jira
-
Constructor Summary
Constructors Constructor Description AuthenticationController()
-
Method Summary
Modifier and Type Method Description java.lang.String
authenticate(java.lang.String id, java.lang.Boolean generateQrCodePicture, javax.servlet.http.HttpServletRequest httpRequest)
Starts authentication operation.org.springframework.web.servlet.ModelAndView
authenticateCheck(java.lang.String id, java.lang.String authId, java.lang.String authKey, javax.servlet.http.HttpServletRequest httpRequest)
Evaluates authentication operation result.protected void
binderLogout(javax.servlet.http.HttpServletRequest httpRequest)
Binder logout.protected com.aducid.principal.AducidPrincipal
buildPrincipal(java.lang.String id, com.aducid.sdk.pojo.GetPSLAttributesResponse authData)
Builds principal.protected void
checkAccess(java.lang.String id, java.lang.String authId, java.lang.String authKey, javax.servlet.http.HttpServletRequest httpRequest)
Checks access.protected void
checkPersonalFactor(java.lang.String id, com.aducid.principal.AducidPrincipal principal, javax.servlet.http.HttpServletRequest httpRequest)
Checks personal factor.protected void
checkProofing(java.lang.String id, com.aducid.principal.AducidPrincipal principal)
Checks proofing.protected void
checkResult(java.lang.String id, java.lang.String authId, java.lang.String authKey, javax.servlet.http.HttpServletRequest httpRequest)
Checks operation result.protected void
fixateSession(javax.servlet.http.HttpServletRequest httpRequest)
Fixates session.protected java.lang.String
getAuthId(javax.servlet.http.HttpServletRequest httpRequest)
Returns authentication identifier from principal.protected java.lang.String
getAuthKey(javax.servlet.http.HttpServletRequest httpRequest)
Returns authentication key from principal.java.lang.String
getLoggedInPage()
Returns logged in page.java.lang.String
getLogoutPage()
Returns logout page.protected com.aducid.principal.AducidPrincipal
getPrincipal(javax.servlet.http.HttpServletRequest httpRequest)
Returns principal.protected java.lang.Boolean
getVerifiedLF(javax.servlet.http.HttpServletRequest httpRequest)
Returns verified LF flag value from principal.java.lang.String
invalidate(javax.servlet.http.HttpServletRequest httpRequest)
Invalidates HTTP session.java.lang.String
isSessionValid(javax.servlet.http.HttpServletRequest httpRequest)
Checks session validity.java.lang.String
logout(java.lang.String id, javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse)
User logout.protected org.springframework.web.servlet.ModelAndView
processResponse(java.lang.String id, javax.servlet.http.HttpServletRequest httpRequest)
Processes response.java.lang.String
proxy(java.lang.String id, java.lang.String publicMethod, javax.servlet.http.HttpServletRequest httpRequest)
Calls public R4 method.java.lang.String
setErrorPage(java.lang.String id, java.lang.String errorPage, javax.servlet.http.HttpServletRequest httpRequest)
Sets error page.void
setLoggedInPage(java.lang.String loggedInPage)
Sets logged in page.void
setLogoutPage(java.lang.String logoutPage)
Sets logout page.java.lang.String
setRedirectUrl(java.lang.String id, java.lang.String redirectUrl, javax.servlet.http.HttpServletRequest httpRequest)
Sets redirect URL.Methods inherited from class com.aducid.web.controller.ControllerBase
afterCheck, afterError, appendId, beforeErrorRedirect, beforeLoggedInRedirect, beforeLogoutRedirect, checkAnnotationConsistency, forwardToAducidResourcesPage, generateId, getAducidBinder, getAducidResources, getAdvancedClient, getAimUrl, getClientArguments, getClientArguments, getClientArguments, getErrorPage, getJsonClient, getLocalizedError, getLocalizedLocalizable, getLocalizedStatusable, getPushClientArguments, getRealAuthId, getRealErrorPage, getRealPeigTypePicture, getRealStatus, getResult, getResultNoLFCheck, getRootRedirect, getServletContext, getSimpleClient, getUrl, getUrl, getUrl, getVerificationResult, getVerifyMessageResult, getWebResult, isJson, processWebError, removeErrorFromSession, setErrorToRequest, setServletContext
-
Constructor Details
-
AuthenticationController
public AuthenticationController()
-
-
Method Details
-
getLoggedInPage
public java.lang.String getLoggedInPage()Returns logged in page.
- Returns:
- logged in page
-
setLoggedInPage
public void setLoggedInPage(java.lang.String loggedInPage)Sets logged in page.
- Parameters:
loggedInPage
- logged in page
-
getLogoutPage
public java.lang.String getLogoutPage()Returns logout page.
- Returns:
- logout page
-
setLogoutPage
public void setLogoutPage(java.lang.String logoutPage)Sets logout page.
- Parameters:
logoutPage
- logout page
-
setRedirectUrl
@RequestMapping("setRedirectUrl") @ResponseBody public java.lang.String setRedirectUrl(@RequestParam java.lang.String id, @RequestParam java.lang.String redirectUrl, javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebExceptionSets redirect URL.
- Parameters:
id
- identifierredirectUrl
- redirect URLhttpRequest
- HTTP request- Returns:
- response as JSON
- Throws:
AducidWebException
- when error occurs during web controller call
-
setErrorPage
@RequestMapping("setErrorPage") @ResponseBody public java.lang.String setErrorPage(@RequestParam java.lang.String id, @RequestParam java.lang.String errorPage, javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebExceptionSets error page.
- Parameters:
id
- identifiererrorPage
- error pagehttpRequest
- HTTP request- Returns:
- response as JSON
- Throws:
AducidWebException
- when error occurs during web controller call
-
authenticate
@RequestMapping("authenticate") @ResponseBody public java.lang.String authenticate(@RequestParam(required=false) java.lang.String id, @RequestParam(required=false) java.lang.Boolean generateQrCodePicture, javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebExceptionStarts authentication operation.
- Parameters:
id
- identifiergenerateQrCodePicture
- generate QR code picture flag valuehttpRequest
- HTTP request- Returns:
- request operation result as JSON
- Throws:
AducidWebException
- when error occurs during web controller call
-
authenticateCheck
@RequestMapping("authenticateCheck") public org.springframework.web.servlet.ModelAndView authenticateCheck(@RequestParam java.lang.String id, @RequestParam(required=false) java.lang.String authId, @RequestParam(required=false) java.lang.String authKey, javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebExceptionEvaluates authentication operation result.
- Parameters:
id
- identifierauthId
- authentication identifierauthKey
- authentication keyhttpRequest
- HTTP request- Returns:
- model and view with redirect URL
- Throws:
AducidWebException
- when error occurs during web controller call
-
proxy
@RequestMapping("proxy") @ResponseBody public java.lang.String proxy(@RequestParam java.lang.String id, @RequestParam java.lang.String publicMethod, javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebExceptionCalls public R4 method.
- Parameters:
id
- identifierpublicMethod
- public methodhttpRequest
- HTTP request- Returns:
- public method response as JSON
- Throws:
AducidWebException
- when error occurs during web controller call
-
logout
@RequestMapping(value="logout", method=GET) public java.lang.String logout(@RequestParam(required=false) java.lang.String id, javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse) throws AducidWebExceptionUser logout.
- Parameters:
id
- identifierhttpRequest
- HTTP requesthttpResponse
- HTTP request- Returns:
- URL, where to redirect user after successful logout
- Throws:
AducidWebException
- when error occurs during web controller call
-
invalidate
@RequestMapping(value="invalidate", method=GET) @ResponseBody public java.lang.String invalidate(javax.servlet.http.HttpServletRequest httpRequest)Invalidates HTTP session.
- Parameters:
httpRequest
- HTTP request- Returns:
- response as JSON
-
isSessionValid
@RequestMapping(value="isSessionValid", method=GET) @ResponseBody public java.lang.String isSessionValid(javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebExceptionChecks session validity.
- Parameters:
httpRequest
- HTTP request- Returns:
- response as JSON
- Throws:
AducidWebException
- when error occurs during web controller call
-
getPrincipal
protected com.aducid.principal.AducidPrincipal getPrincipal(javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebExceptionReturns principal.
- Parameters:
httpRequest
- HTTP request- Returns:
- principal
- Throws:
AducidWebException
- when error occurs during web controller call
-
getAuthId
protected java.lang.String getAuthId(javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebExceptionReturns authentication identifier from principal.
- Parameters:
httpRequest
- HTTP request- Returns:
- authentication identifier
- Throws:
AducidWebException
- when error occurs during web controller call
-
getAuthKey
protected java.lang.String getAuthKey(javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebExceptionReturns authentication key from principal.
- Parameters:
httpRequest
- HTTP request- Returns:
- authentication key
- Throws:
AducidWebException
- when error occurs during web controller call
-
getVerifiedLF
protected java.lang.Boolean getVerifiedLF(javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebExceptionReturns verified LF flag value from principal.
- Parameters:
httpRequest
- HTTP request- Returns:
- verified LF flag value
- Throws:
AducidWebException
- when error occurs during web controller call
-
buildPrincipal
protected com.aducid.principal.AducidPrincipal buildPrincipal(java.lang.String id, com.aducid.sdk.pojo.GetPSLAttributesResponse authData) throws AducidWebExceptionBuilds principal.
- Parameters:
id
- identifierauthData
- authentication data- Returns:
- principal
- Throws:
AducidWebException
- when error occurs during web controller call
-
checkResult
protected void checkResult(java.lang.String id, java.lang.String authId, java.lang.String authKey, javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebExceptionChecks operation result.
- Parameters:
id
- identifierauthId
- authentication identifierauthKey
- authentication keyhttpRequest
- HTTP request- Throws:
AducidWebException
- when error occurs during web controller call
-
checkAccess
protected void checkAccess(java.lang.String id, java.lang.String authId, java.lang.String authKey, javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebExceptionChecks access.
- Parameters:
id
- identifierauthId
- authentication identifierauthKey
- authentication keyhttpRequest
- HTTP request- Throws:
AducidWebException
- when error occurs during web controller call
-
checkPersonalFactor
protected void checkPersonalFactor(java.lang.String id, com.aducid.principal.AducidPrincipal principal, javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebExceptionChecks personal factor.
- Parameters:
id
- identifierprincipal
- principalhttpRequest
- HTTP request- Throws:
AducidWebException
- when error occurs during web controller call
-
checkProofing
protected void checkProofing(java.lang.String id, com.aducid.principal.AducidPrincipal principal) throws AducidWebExceptionChecks proofing.
- Parameters:
id
- identifierprincipal
- principal- Throws:
AducidWebException
- when error occurs during web controller call
-
fixateSession
protected void fixateSession(javax.servlet.http.HttpServletRequest httpRequest)Fixates session.
- Parameters:
httpRequest
- HTTP request
-
processResponse
protected org.springframework.web.servlet.ModelAndView processResponse(java.lang.String id, javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebExceptionProcesses response.
- Parameters:
id
- identifierhttpRequest
- HTTP request- Returns:
- model and view
- Throws:
AducidWebException
- when error occurs during web controller call
-
binderLogout
protected void binderLogout(javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebExceptionBinder logout.
- Parameters:
httpRequest
- HTTP request- Throws:
AducidWebException
- when error occurs during web controller call
-